Don’t fall victim to credential stuffing
“Credential stuffing” refers to a cybercriminal using stolen username and password combinations obtained from data breaches to access other online services and websites. Cybercriminals use automated tools to quickly gain access to victims’ accounts using the stolen credentials. Here are a few tips to avoid credential stuffing:
- Never reuse passwords across your personal and work accounts.
- Check out https://haveibeenpwned.com/ to see if an account has been involved in a data breach and what type of information may be available to cybercriminals.
- Do not use a password that was exposed in a security incident. Enable multi-factor authentication wherever possible.
For more tips visit the Information Security site.